RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks

RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks

July 9, 2024 at 09:21AM

Cybersecurity researchers discovered a vulnerability in the RADIUS network authentication protocol named BlastRADIUS, which allows attackers to carry out Mallory-in-the-middle attacks. This flaw affects all standards-compliant RADIUS clients and servers, making it crucial for ISPs and organizations to update their networking equipment. The vulnerability, with a CVSS score of 9.0, is particularly impactful for networks that send RADIUS/UDP traffic over the internet.

Based on the meeting notes, it seems that there is a significant vulnerability in the RADIUS network authentication protocol discovered by cybersecurity researchers. The vulnerability is referred to as BlastRADIUS and could be exploited by attackers to carry out Mallory-in-the-middle attacks and bypass integrity checks.

The creator of the FreeRADIUS Project, Alan DeKok, highlighted that the RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks, providing potential avenues for attackers to modify packets without detection and force user authentication and authorization.

It’s evident that the security of RADIUS relies on a hash derived using the MD5 algorithm, which has been deemed cryptographically broken, creating the potential for chosen prefix attacks and modification of response packets to pass integrity checks.

The vulnerability poses a particular risk for organizations that send RADIUS packets over the internet. Therefore, it’s recommended that organizations using RADIUS update to the latest version to mitigate the impact of BlastRADIUS.

In terms of mitigation, the use of TLS to transmit RADIUS traffic over the internet and increased packet security via the Message-Authenticator attribute are important factors. Specific vulnerability is identified in PAP, CHAP, and MS-CHAPv2 authentication methods, thereby requiring ISPs to upgrade their RADIUS servers and networking equipment.

Moreover, the article emphasizes that enterprises and ISPs are susceptible to the attack under certain conditions, and it’s important to note that the vulnerability has a CVSS score of 9.0.

The article also points out that the RADIUS protocol’s security has been neglected for some time, with many suggested protections not being made mandatory and several vendors not implementing the suggested protections.

Overall, the discovered vulnerability in the RADIUS protocol seems to have significant implications for network security, especially for organizations that send RADIUS traffic over the internet.

Let me know if you need any further information or assistance on this.

Full Article